> We are using only the OpenSSL cryptographic functionality, the EVP and HMAC
> functions, in a multi-threaded application. Do we need to do anything to
> ensure thread safety ? The documentation mentions
> CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() but we are not
> calling these functions nor have we put critical sections in our own code
> before calling the cryptographic functions. We are experiencing some
> crashes and attempting to track them down and thought our use of OpenSSL
> may be faulty.

Yes you need to do a few things.

The ORA Network Security with OpenSSL documents the few stubs you need
to in order for openssl to work with pthreads as well as windows
threads. You can even download the example code from the net.


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org